Simplify Mandrill webhook validation handshake.

Anymail was requiring Mandrill's webhook authentication key for the initial webhook url validation request from Mandrill, but Mandrill doesn't issue the key until that validation request succeeds. * Defer complaining about missing Mandrill webhook key until actual event post. * Document the double-deploy process required to set up Mandrill webhooks. Fixes #46.
2025-12-20 03:41:05 -05:00 · 2016-12-16 14:24:46 -08:00
parent 52596394cc
commit 146afbaf3b
3 changed files with 39 additions and 12 deletions
--- a/tests/test_mandrill_webhooks.py
+++ b/tests/test_mandrill_webhooks.py
@@ -41,10 +41,17 @@ def mandrill_args(events=None, url='/anymail/mandrill/tracking/', key=TEST_WEBHO

 class MandrillWebhookSettingsTestCase(WebhookTestCase):
    def test_requires_webhook_key(self):
-        with self.assertRaises(ImproperlyConfigured):
+        with self.assertRaisesRegex(ImproperlyConfigured, r'MANDRILL_WEBHOOK_KEY'):
            self.client.post('/anymail/mandrill/tracking/',
                             data={'mandrill_events': '[]'})

+    def test_head_does_not_require_webhook_key(self):
+        # Mandrill issues an unsigned HEAD request to verify the wehbook url.
+        # Only *after* that succeeds will Mandrill will tell you the webhook key.
+        # So make sure that HEAD request will go through without any key set:
+        response = self.client.head('/anymail/mandrill/tracking/')
+        self.assertEqual(response.status_code, 200)
+

@override_settings(ANYMAIL_MANDRILL_WEBHOOK_KEY=TEST_WEBHOOK_KEY)
 class MandrillWebhookSecurityTestCase(WebhookTestCase, WebhookBasicAuthTestsMixin):